Sr Engineer, Penetration Test & Cybersecurity jobs in United States
cer-icon
Apply on Employer Site
company-logo

Ensemble Health Partners · 14 hours ago

Sr Engineer, Penetration Test & Cybersecurity

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level
money$84K/yr - $126K/yr
date5+ years exp

Ensemble Health Partners is a leading provider of technology-enabled revenue cycle management solutions for health systems. The Senior Penetration Testing Engineer, Cybersecurity will lead advanced penetration testing engagements and red team exercises to enhance the security posture of the organization, while also mentoring junior team members and contributing to security strategy.

Health CareHospitality

Responsibilities

Lead, scope and conduct penetration testing engagements, ensuring comprehensive coverage of modern attack vectors across networks, cloud, applications, and hardware
Develop and execute advanced red team exercises, including adversary emulation, lateral movement, and breach simulation to assess real-world attack resilience
Develop reports and deliver presentations that explain the findings of research and vulnerability assessments to both technical and executive-level audiences
Participate in the validation of threat models for Ensemble developed systems, ensuring the attack simulation is accurate
Lead the coordination and execution of red team/purple team exercises to enhance detection and response capabilities, as well as test the functionality of security systems
Leverage tools commonly used to perform security testing (e.g., Nmap, Burp Suite, evilginx, hashcat, Metasploit, Nessus, impacket, C2 frameworks, nuclei, gophish, Dradis, Ghostwriter, etc.), and develop custom payloads to support testing engagements as necessary
Oversee the optimizing scan profiles in DAST and pentest frameworks to ensure comprehensive coverage of testing; review and validate findings these tools
Advise development resources on security threats and potential remediation and control adjustments to address the current threat landscape
Design and perform social engineering activities (e.g., phishing, USB drops) to assess organizational security posture
Provide tracking and remediation oversight for resolving security issues during all stages of the development process
Enhance enterprise security policies, procedures, and documentation
Deliver security awareness training and lead knowledge-sharing initiatives within the security team and broader organization
Create security-related metrics and increase security visibility across the organization by translating complex vulnerabilities into actionable business risks

Qualification

Penetration TestingRed Team ExercisesVulnerability ManagementExploit DevelopmentSecurity AssessmentsMetasploitBurp SuiteOWASP Top10LinuxWindowsPythonCloud SecurityCommunication SkillsProblem SolvingTeam Leadership

Required

5-7 years of related pentesting cybersecurity experience
Bachelors degree or equivalent experience
A minimum of 7+ years of experience in Information Technology
A minimum of 5 years of experience in performing penetration tests
Proven mastery with common penetration toolsets (i.e. Metasploit, Burp Suite, Kali Linux, etc.)
Experience with Vulnerability Management platforms (i.e. Wiz, Qualys, Nessus, etc.)
Expert-level knowledge of OWASP Top10 and the OWASP Web Security Testing Guide
Demonstrated understanding of network and application protocols (e.g., TCP, UDP, SMB, HTTP, FTP)
Knowledge of how software works and interacts at various layers
Experience in conducting security assessments, source code reviews, and vulnerability analysis against web applications, thick clients, and network infrastructure
The ability to read and understand stack traces and source code call trees to verify issues reported by tooling is legitimate
Excellent problem solving and analysis skills, including the ability to logically create structure and order from unstructured inputs
Strong familiarity with Linux and Windows operating systems, cloud provider ecosystems like Azure and Amazon AWS, and containerization technologies like Docker and Kubernetes
Ability to develop and execute automated security testing workflows using Python, PowerShell, Bash, or similar scripting languages
Adherence to change management process
Great Communication Skills – you will be a Security ambassador to other teams, partnering to add security to their delivery pipelines
Experience in creating and delivering technical documentation and presentations to a variety of audiences, including technical teams and executive management
Ability to own and resolve problems

Preferred

Familiarity with malware analysis, reverse engineering, and binary exploitation is a plus

Benefits

Healthcare
Time off
Retirement
Well-being programs
Professional certification relevant to their field
Tuition reimbursement
Quarterly and annual incentive programs

Company

Ensemble Health Partners

twittertwittertwitter
Glassdoor3.2
company-logo
Ensemble Health Partners is the leading revenue cycle management company for hospitals, health systems and physician practices.
dateFounded in 2014
location
Cincinnati, Ohio, USA
people-size10001+ employees
web-link
https://ensemblehp.com

Funding

Current Stage
Late Stage
Total Funding
unknown
Key Investors
Berkshire Partners,Warburg Pincus
2022-03-25Private Equity
2019-05-30Acquired

Leadership Team

leader-logo
Judson Ivy
Founder and CEO
linkedin
leader-logo
Matt Tormey
EVP Compliance and Risk
linkedin

Recent News

PitchBook
Ensemble RCM lines up $4.4B syndicated loan backing recap, dividend to PE sponsors
2026-01-23
GlobeNewswire
Ensemble Earns Back-to-Back Recognition in Modern Healthcare’s Best in Business for Healthcare Technology
2026-01-13
GlobeNewswire
Ensemble Recognized as a Leader in IDC MarketScape for U.S. Revenue Cycle Management Service Solutions
2025-12-16
Company data provided by crunchbase